package com.alexeyk.spring.security;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	// @Autowired
	// public void configureGlobal(AuthenticationManagerBuilder auth) throws
	// Exception
	// {
	// auth.inMemoryAuthentication().withUser("alex").password("1").roles("USER");
	// auth.inMemoryAuthentication().withUser("admin").password("1").roles("ADMIN");
	// auth.inMemoryAuthentication().withUser("dba").password("1").roles("DBA");
	// }
	//
	// @Override
	// protected void configure(HttpSecurity http) throws Exception
	// {
	//
	// http.authorizeRequests().antMatchers("/admin/**").access("hasRole('ROLE_ADMIN')").and().formLogin().loginPage("/login").failureUrl("/login?error").usernameParameter("username").passwordParameter("password").and().logout()
	// .logoutSuccessUrl("/login?logout").and().csrf();
	// //
	// http.authorizeRequests().antMatchers("/admin/**").access("hasRole('ROLE_ADMIN')").antMatchers("/dba/**").access("hasRole('ROLE_ADMIN') or hasRole('ROLE_DBA')").and().formLogin();
	//
	// }
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http
		// .authenticationProvider(daoAuthenticationProvider())
		.csrf().disable().authorizeRequests().antMatchers("/admin/**")
				.hasRole("ADMIN").antMatchers("/nonsecure/**").permitAll()
				.antMatchers("/**").authenticated().and().formLogin()
				.loginPage("/login").permitAll();
	}

}